Method and a device for mobile telephone supervision

ABSTRACT

The invention relates to a method and to an arrangement for identifying an unauthorized user (A2) of a mobile telephone (M) that includes a terminal identity (m) and a chosen security code (PIN1). When the authorized owner (A1) has placed his/her authorized SIM-card (SIM1) in the mobile telephone (M) and has entered a security code (PIN1) into the mobile telephone (M), the mobile telephone ties a SIM-identity (s1) of the SIM-card (SIM1) to the terminal identity (m). If the authorized user (A1) loses his/her mobile telephone (M), the subscription is blocked. An unauthorized user (A2) purchases a subscription and is issued with a second SIM-card (SIM2), which he/she places in the mobile telephone (M). When the unauthorized user (A2) enters a security code (PIN2&#39;) that does not match the chosen security code (PIN1), the mobile telephone (M) compares the SIM-identity (s2) of the second SIM-card (SIM2) with the terminal identity (m). Since these identities (s2, m) do not match one another, the mobile telephone (M) automatically sends the identities (s2, m) to a service node (F), which confirms receipt of the identities by sending a response signal (RES) to the mobile telephone (M). The service node (F) is able to obtain personal user information (A2-info) from the database (D2) of the operator (P2) relating to the unauthorized user (A2) of the mobile telephone (M), via the SIM-identity (s2).

FIELD OF INVENTION

The present invention relates to a method and to an arrangement foridentifying a user of a mobile communications unit.

FIELD OF INVENTION

It is known to issue with each mobile communications unit a user cardthat has a unique user identity and that must be used with the mobilecommunications unit in order for the unit to be functional. The usercard is tied to a subscriber to a specific operator.

Each mobile communications unit, which may be a mobile telephone or acordless telephone for instance, has a terminal identity. This terminalidentity may be the manufacture number or serial number of the unit,referred to in the European mobile telephone system, the GSM system, asthe IMEI identity (International Mobile Equipment Identity). The IMEIidentity is stored in a circuit in the mobile communications unit andcannot readily be accessed. The aforesaid user identity belonging to aspecific user card is referred to in the GSM system as the IMSI identity(International Mobile Subscription Identity).

In the GSM system, the user card is referred to as the SIM-card and theIMSI identity may also be referred to as the SIM-identity.

When the owner of a mobile communications unit wishes to tie a mobilecommunications unit to a subscription, he or she applies to an operatorfor the purchase of a SIM-card. This card entitles the user to anoperator subscription service via which the mobile communications unitis able to utilize those networks that belong to the operator.

In his/her application, the owner states the terminal identity ofhis/her mobile communications unit together with personal information,such as name, address, telephone number, personal identification number,this information being stored by the operator in a database or some likedevice. The operator may also store in the same location informationrelating to those services that the new owner may use. Services such ascall billing are performed on the user card, for instance.

The operator assigns a unique user identity to the SIM-card, a so-calledSIM-identity, which relates to the owner information stored in thedatabase. The user identity may also include a unique identificationcode that identifies the operator which administers the subscription towhich the SIM-card is tied.

Swedish Patent No. 9203351-3 teaches a mobile communications unit thatcan distinguish its own user card from other user cards.

If a mobile communications unit belonging to an authorised user isstolen by an unauthorised user, the authorised owner will report thetheft to the operator that administers the subscription utilized by thestolen mobile communications unit. The operator is then able to blockthe user card in the stolen unit, wherewith the unit can no longer beused together with the blocked user card.

The unauthorised user is able to replace the existing user card in theunit with another user card that is allocated a user identity andtherewith obtain access to the stolen mobile communications unit. Theunauthorised user is then able to set up a call connection via thestolen mobile communications unit on the subscription belonging to thenew user card.

It is known to prevent the use of a stolen mobile communications unit byan unauthorised user by blocking the stolen unit upon request from theowner, so as to render the unit unusable. In this case, the mobilecommunications unit is equipped with an authenticator that can be usedby the operator to block the unit and therewith prevent its further use.

Another method of preventing an unauthorised user from using a stolenmobile communications unit is to require a special code to be keyed-inwhen one user card is replaced with a new user card, in order for thenew user card to function together with the mobile communications unit.The mobile communications unit is otherwise unusable.

It is thus possible to prevent an unauthorised user from using a mobiletelephone, although the unauthorised user will remain anonymous. It isnot therefore possible to insure a mobile communications unit atpresent, because of the large number of mobile communication units thatare stolen. Insured mobile communications units would result in largeclaims on respective insurance companies.

Patent Specification WO 95/26115 describes a mobile telephone that canbe used when the IMSI identity of a SIM-card inserted into a mobiletelephone coincides with the identity pre-stored in the mobiletelephone. The mobile telephone compares the two identities and blocksfurther use of the mobile telephone when these identities do notcoincide.

Thus, an operator is able to ensure that the mobile telephone can onlybe used with a SIM-card that belongs to the operator, this SIM-identitycoinciding with the identity pre-stored in the mobile telephone. Themobile telephone will be blocked against further use when a userreplaces the SIM-card with an unauthorised SIM-card.

U.S. Pat. No. 4,843,385 teaches a radio that can be blocked by keying asecurity identity into the radio. The radio is disabled in its blockedstate, and therefore cannot be used. In order to unblock the radio, itis necessary to enter the correct identity. Otherwise, the radioautomatically sends a message to the operator that has the identity ofthe radio, indicating that the wrong identity has been keyed-in,wherewith appropriate measures can be taken.

DISCLOSURE OF THE INVENTION

The present invention is concerned with the problem of ascertainingwhether or not the user of a user card is authorised to use the card ina given telecommunications unit. This check shall be carried out withoutthe user of the mobile communications unit being aware of the check.

Another problem with which the invention is concerned is one of enablingan unauthorised user of a mobile communications unit to be identifiedwithout forewarning the unauthorised user.

Accordingly, the object of the present invention is to ascertain whetheror not a user of a mobile communications unit is authorised to usehis/her user card in the unit, and to establish the identify of anunauthorised user of a mobile communications unit. This shall take placewithout either the user or the unauthorised user of the mobilecommunications unit being aware of these procedures.

To this end, it is proposed in accordance with the present inventionthat when inserting a user card into a mobile communications unit, theunit will automatically request the insertion of a security code. Theuser then enters a code into his/her mobile communications unit. If thesecurity code entered is erroneous and the terminal identity and theuser identity do not coincide with one another, the mobilecommunications unit automatically sends its own terminal identity andthe user identity of the inserted user card to a service node.

The service node may be an insurance company with which the mobilecommunications unit is insured, or it may be the operator responsiblefor the subscription to which the user card is tied. The informationassociated with the user identity obtained from the mobilecommunications unit may then be used in the service node to takeappropriate action, such as tracing an unauthorised user, for instance.

More specifically, the problem is solved by virtue of the authorisedowner of the mobile communications unit stipulating the identity of theuser card with which the mobile communications unit shall function, byentering a security code chosen by the authorised owner into said unitwhen the user card is placed therein. This automatically ties the useridentity of the user card with the terminal identity such as toestablish a specific relationship therebetween.

The mobile communications unit will ask for the security codeautomatically each time a user card is placed in the unit. If thesecurity code entered in response to this request is not correct, or ifthe code is not entered into the unit, the unit will compare the useridentity belonging to the inserted user card with the terminal identity.If these identities fail to show the aforesaid specific mutualrelationship, the mobile communications unit stores the user identityand automatically sends both identities to the service node. The mobilecommunications unit then repeats this transmission of the stored useridentity and the terminal identity without the user of the mobilecommunications unit being aware of this procedure, until the mobilecommunications unit receives a response signal from the service node.The service node confirms receipt of the user identity and the terminalidentity transmitted by the mobile communications unit, by sending aresponse signal to the communications unit.

The mobile communications unit ceases to send stored user identity andterminal identity upon receipt of the response signal and erases thestored user identity.

The service node is then able to obtain information tied to the useridentity, by contacting the operator of the subscription utilized by theuser card in the mobile communications unit, and therewith identify theuser of the user card inserted in said unit.

One advantage afforded by the present invention is that a stolen unitcan be traced to the unauthorised user without the unauthorised userbeing aware of what is happening and without the unit being blocked. Itis the mobile communications unit that sends the user identity and theterminal identity automatically to the service node.

Because the mobile communications unit repeatedly sends the stored useridentity and the terminal identity when a mismatch is found until aresponse signal is obtained, without the user of the unit -being awareof what is happening, information relating to the user identity and theterminal identity stored in said unit will eventually be received in theservice node even should the user be located temporarily in aradio-shielded place.

Another advantage is that the mobile communications unit is nowinsurable, because it can be traced to an unauthorised user. The presentinvention can also be used by the service node to check whethereverything is in order, by contacting the authorised owner of the unitto ascertain whether or not a mistake has been made, for instance in thecase of confusion between user cards.

Another advantage afforded by the invention is that the mobilecommunications unit can be marketed by the operator as being secureagainst theft, since unauthorised users that are aware of the modusoperandi of the inventive electronics are not interested in possessingsuch a mobile communications unit.

The invention will now be described in more detail with reference topreferred exemplifying embodiments thereof and also with reference tothe accompanying drawings.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1a is a schematic illustration of an inventive communicationsnetwork.

FIG. 1b is a graphic illustration of a database storage field forstoring data in accordance with the invention.

FIG. 2 is a block schematic of a mobile telephone and a service nodeaccording to the invention.

FIG. 3 is a flowchart that illustrates the inventive method.

FIG. 4 is a signalling diagram that illustrates signalling between themobile telephone and the service node in accordance with the invention.

DETAILED DESCRIPTION OF PREFERRED EMBODIMENTS

FIG. 1a illustrates the construction of a communications network thatincludes one or more radio communications networks, such as, inter alia,a first radio communications network RN11, a second radio communicationsnetwork RN12, and a third radio communications network RN13, and also apublic switched telephone network, PSTN. Each radio communicationsnetwork RN11, RN12, RN13 includes one or more base stations connected toa mobile services switching centre (MSC) which forms an interfaceagainst the public switched telephone network, PSTN, to which operatorsP1 and P2 and a service node F are also connected.

Several mobile telephone users are located in the radio communicationsnetwork RN11, among them an authorised user A1, also called an owner,and a base station BS1 connected to the switching centre MSC. The ownerA1 owns a mobile telephone M (FIG. 2) which is provided with aninaccessibly stored terminal identity, a so-called mobile identity mwhich has been registered by the owner A1 at the service node F. Themobile identity m identifies the mobile telephone M and may be theserial number of the telephone for instance. The service node F may bean insurance company used by one of the operators P1, P2.

Several mobile telephone users are present in the radio communicationsnetwork RN12, among them an unauthorised user A2, and a base station BS2that is connected to the mobile services switching centre MSC.

FIG. 1a shows the mobile telephone M and its mobile identity m in twodifferent positions, i.e. a position PosA of the owner A1 and a positionPosB of the unauthorised user A2.

Two operators P1 and P2 are connected to the mobile services switchingcentre MSC, and supply subscriptions for utilizing the radiocommunications networks RN11, RN12, RN13. The operator P1 storesinformation relating to its subscriber users in a database D1, and theoperator P2 stores information relating to its user subscribers in adatabase D2, as described in more detail hereinafter.

The databases D1, D2 include storage fields 10 in which informationrelating to respective users A1, A2 of each user card, the SIM-cardsSIM1, SIM2, SIM3 as described above is stored. When purchasing aSIM-cards SIM1, SIM2, SIM3 from the operator P1 or from the operator P2,the SIM-card SIM1, SIM2, SIM3 is given an associated SIM-identity s1,s2, s3, which is tied to corresponding information relating to the userA1, A2 of each SIM-card SIM1, SIM2, SIM3.

An identification code P1-id, P2-id included in the SIM-identity s1, s2,s3 identifies the operator P1, P2 with which the SIM-identity s1, s2, s3is registered.

FIG. 1b illustrates the possible construction of a storage field 10 inthe databases D1, D2. The storage field 10 includes five storage units1, 2, 3, 4 and 5 in which data can be stored. The names of respectiveusers A1, A2 are stored in the first storage unit 1, the telephonenumber of respective users A1, A2 is stored in the second storage unit2, the address of respective users A1, A2 is stored in the third storageunit 3, the personal identity number of respective users A1, A2 isstored in the fourth storage unit 4, and the aforementioned SIM-identitys1, s2, s3 tied to respective user information A1, A2 is stored in thefifth storage unit 5. The storage field 10 may include more than theaforesaid five storage units 1, 2, 3, 4, 5 when wishing to store moreuser information. When a particular piece of user information need notbe stored in the storage field 10, a corresponding storage unit may beexcluded. The order in which user information is stored in the storageunits 1, 2, 3, 4, 5 may be different to that described, the illustratedconstruction of the storage field 10 being given merely by way ofexample.

FIG. 2 is a block schematic illustrating a mobile telephone M, a firstSIM-card SIM1 and the aforedescribed service node F. The mobiletelephone M includes, among other things, an interlinking unit 301, acard space u, a read-in unit 303, a first comparitor unit 305, areceiver 306, a transmitter 307, a keypad 309, a display 310, an enquiryunit 313, a second comparitor unit 315, a memory unit 317, and a controlunit 319, these components being those illustrated in the Figure. Thereceiver 306 and the transmitter 307 are connected to an antenna 311.The units are interconnected by a databus 312.

The first SIM-card SIM1 includes, among other things, a processor 331,which is the component shown in the Figure. The SIM-identity S1, alsoshown in the Figure, allocated to the first SIM-card SIM1 is stored inthe processor 331.

The service node F includes, among other things, a receiver 321, atransmitter 322, a localising unit 323, a computer unit D_(F), a controlmeans 329 and a registering unit 330. The receiver 321 and thetransmitter 322 are connected to an antenna 327. The units areinterlinked by a databus 328.

The memory unit 317 of the mobile telephone M is used to inaccessiblystore the aforesaid mobile identity m and a chosen security code PIN1.This code is used by the owner A1 when he/she removes and replaceshis/her first SIM-card SIM1 from and into the mobile telephone Mrespectively. The memory unit 317 is also used to temporarily store theSIM-identity s2, for instance. When the first SIM-card SIM1 is placed inthe intended card space u in the mobile telephone M, the read unit 303reads and registers the SIM-identity s1 belonging to the first SIM-cardSIM1.

The enquiry unit 313 is used to ask the owner to enter his/her securitycode PIN1 in response to a request displayed on the display 310. Theowner A1 enters a security code PIN1' on the keypad 309.

The first comparitor unit 305 is used to compare the entered securitycode PIN1' with the chosen, stored security code PIN1.

The interlinking unit 301 ties together and establishes a relationshipbetween the mobile identity m and the SIM-identity s1 stored in thememory unit 317, as before described.

The second comparitor unit 315 in the mobile telephone M compares theregistered SIM-identity s1 with the mobile identity m to ascertainwhether or not the relationship established in the interlinking unit 301has been fulfilled.

The units u, 301, 303, 305, 306, 307, 309, 313, 315, 317, 319 in themobile telephone M are connected to the databus 312, through which theunits communicate with one another. The control unit 319 in the mobiletelephone M controls the various units u, 301, 303, 305, 306, 307, 309,313, 315, 317 through the medium of the databus 312 and causes saidunits to perform desired operations in accordance with the method.

The localising unit 323 in the service mode F includes, among otherthings, an identifying unit 325 which identifies the operator P2associated with a SIM-identity s2 received in the service node F, andthe identifying unit 325 identifies the user A2 of the mobile telephoneM. The component 325 is shown in the Figure.

The computer unit D_(F) in the service node F functions to registerincoming messages, such as the SIM-identity s2 and the mobile identitym, these messages being shown on the screen D_(S) of the computer D_(F).

The registration unit 330 is used to store the aforesaid mobile identitym and its corresponding owner A1.

The control means 329 in the service node F controls the various units321, 322, 323, D_(F), 325, 330 via the databus 328, said units 321, 322,323, D_(F), 325, 330 being connected to the databus 328.

An exemplifying embodiment will now be described with reference to FIGS.1a and 2, wherein the owner A1 wishes to identify an unauthorised userA2 of a mobile telephone M that has been lost or stolen.

When using the mobile telephone M for the first time, the user A1chooses a security code PIN1 and enters the code in the mobile telephoneM. The mobile telephone M registers the chosen security PIN1 and thecode is stored inaccessibly in the mobile telephone M.

The owner A1 later wishes to subscribe to operator P1 and thereforeapplies for a first SIM-card SIM1 that entitles him/her to thesubscription services offered by the operator P1. The applicationincludes the mobile identity m and personal information A1-info, such asthe name, telephone number, address, personal identification number ofthe owner A1. The operator P1 stores the owner information A1-info inthe storage field 10 in the database D1 in accordance with the above,and relates this information to the SIM-identity s1. The first SIM-cardSIM1 is allocated the aforesaid SIM-identity s1 and the first SIM-cardSIM1 is then delivered to the owner A1. The SIM-identity s1 includes theidentification code P1-id of the operator P1.

The owner A1 can then place the first SIM-card SIM1 in the card space uin the mobile telephone M. The mobile telephone M senses that the firstSIM-card SIM1 is in position in the card space u, wherewith the mobiletelephone M reads-in the SIM-identity s1 of the first SIM-card SIM1. Themobile telephone M will then ask the owner to enter the security codePIN1, for instance in response to a request shown on the display 310.The owner A1 enters into the mobile telephone M a security code that hehas himself chosen.

The mobile telephone M reads-in the entered security code PIN1' andcompares this code with the chosen, stored security code PIN1. Whenthese codes are in agreement, the mobile telephone M ties theSIM-identity s1 with the mobile identity m and registers therelationship that prevails between the SIM-identity s1 and the mobileidentity m. The way in which this is carried out will be described belowwith reference to FIG. 2.

The owner A1 is now able to use the mobile telephone M and establishcommunication on the subscription tied to the operator P1.

It is now assumed that an unauthorised user A2 takes the mobiletelephone M into his possession. The owner A1 informs the operator P1that the mobile telephone M is missing. The operator P1 will then blockthe SIM-identity s1 of the first SIM-card SIM1 in the mobile telephoneM, therewith making it impossible for the user A2 to use the mobiletelephone M with the first SIM-card SIM1.

The unauthorised user A2 is assumed to wish to subscribe to the operatorP2 and applies for a second SIM-card SIM2 with the operator P2,therewith entitling user A2 to the services afforded by the operator P2.In the same way as that described above, the user A2 submits anapplication which contains mobile identity m and personal informationA2-info. The operator P2 stores the A2-info relating to the user A2 inthe database D2 and relates this information to the SIM-identity s2. TheSIM-identity s2 is tied to the second SIM-card SIM2 and the secondSIM-card SIM2 is then delivered to the user A2. The SIM-identity s2includes the operator identification code P2-id.

The user A2 then places the second SIM-card SIM2 in the card space u ofthe mobile telephone M, wherewith the mobile telephone M senses that thesecond SIM-card SIM2 is in position in the card space u. The mobiletelephone M reads-in the SIM-identity s2 of the second SIM-card SIM2 andthen asks the owner to enter the aforesaid security code PIN1, via thedisplay. The user A2 enters a code PIN2' in the mobile telephone M.

The mobile telephone M reads the entered code PIN2' and compares thiscode with the chosen, stored security code PIN1. Since these codes donot agree, the mobile telephone M compares the SIM-identity S2 with themobile identity M. This comparison shows that the aforesaid relationshipbetween the SIM-identity s2 and the mobile identity m is invalid. Themobile telephone M then stores the SIM-identity s2 in a memory andautomatically transmits the SIM-identity s2 and the mobile identity m.

A so-called SMS-service (Short Message Service) in the GSM system isused in the transmission of the SIM-identity s2 and the mobile identitym on a stand-alone dedicated control channel (SDCCH). The SIM-identitys2 and the mobile identity m are transmitted on the control channelSDCCH via the base station BS2 and the mobile services switching centreMSC to a computer D_(F) included in the service node F. The SMS-serviceis used in the GSM system to send short text messages to and from amobile telephone, such text messages being allowed to include a maximumof 160 alphanumerical characters.

The mobile telephone M periodically repeats the dispatch of the storedSIM-identity s2 and the mobile identity m at regular time intervals,each time interval having a duration of T-seconds, until the mobiletelephone M receives a response signal RES. The message is sentrepeatedly from the mobile telephone M in order to ensure that the basestation BS2 will ultimately receive the SIM-identity s2 and the mobileidentity m, for instance in the event of the mobile telephone M beinglocated temporarily in an area in which it is screened radio-wise fromthe base station BS2.

The computer D_(F) in the service node F receives and registers theSIM-identity s2 and the mobile identity m sent by the mobile telephone Mand presents the same on the screen D_(S) of the computer D_(F). Thecomputer D_(F) then automatically sends to the mobile telephone M, viathe switching centre MSC and the base station BS2, a response signal RESconfirming the receipt and registration of the SIM-identity s2 and themobile identity m. As in the aforedescribed case, the SMS-service isused to transmit the SIM-identity s2 and the mobile identity m on thecontrol channel SDCCH.

Receipt and registration of the SIM-identity s2 and the mobile identitym in the computer D_(F) can also be confirmed by sending the responsesignal RES manually from the computer D_(F) in the same way as thatdescribed above.

The mobile telephone M ceases periodic transmission of the SIM-identitys2 and the mobile identity m upon receipt of the response signal RES,and then erases the SIM-identity s2 from its memory.

When the service node F becomes aware of the SIM-identity s2 and themobile identity m received by the computer D_(F) and presented on thescreen D_(S), the service node F reads the operator identification codeP2-id from the SIM-identity s2 and therewith identifies the operator P2with which the SIM-identity s2 is registered. The service node F thencontacts the operator P2 and obtains from the operator database D2personal information concerning the user A2, A2-info tied to theSIM-identity s2.

The service node F also contacts the owner A1 tied to the registeredmobile identity m and checks whether an error has occurred or if theowner A1 has lost his mobile telephone M. Since it is assumed that theowner A1 has lost his mobile telephone M in the illustrated case, theservice node F uses the personal information A2-info obtained from theoperator p2 to trace the user A2 of the mobile telephone M.

A variant of the aforedescribed example will now be described.

As with the previous example, it is assumed that the owner A1 takes outa subscription with the operator P1 and is issued with a first SIM-cardSIM1 tied to the SIM-identity s1, in which the operator identificationcode P1-id is included. The owner A1 places the first SIM-card SIM1 inthe mobile telephone M and enters the security code PIN1' in response toa request made by the mobile telephone M, in accordance with theaforegoing. The mobile telephone M ties the SIM-identity s1 with themobile identity m and registers the relationship that prevails betweenthe SIM-identity s1 and the mobile identity m.

The owner A1 is now able to use his mobile telephone M and to establishcommunication on the subscription tied to the operator P1.

It is now assumed that the owner A1 wishes to take-out a newsubscription with the operator P2. The owner A1 therefore applies for athird SIM-card SIM3 which will entitle him to use the new subscriptionwith the operator P2. The application includes the mobile identity m andpersonal information A1-info relating to the owner A1. The personalinformation A1-info is stored in the database D2 by the operator P2, inthe same way as that described above, and the personal informationA1-info is related to the SIM-identity s3. The third SIM-card SIM3 isallocated the SIM-identity s3 and the third SIM-card SIM3 is then issuedto the owner A1. The SIM-identity s3 includes the operatoridentification code P2-id.

The owner A1 places the third SIM-card SIM3 in the card space u of themobile telephone M and enters the security code PIN1' in response to arequest from the mobile telephone M. The mobile telephone M senses thatthe third SIM-card SIM3 is in place in the card space u and reads-in theSIM-identity s3 of the SIM-card SIM3 and the entered security codePIN1'.

The mobile telephone M then compares the entered security code PIN1'with the aforesaid chosen security code PIN1 stored in the telephone.The comparison finds that these codes match one another and the mobiletelephone M ties the SIM-identity s3 with the mobile identity m andregisters the relationship prevailing between the SIM-identity s3 andthe mobile identity m.

The user A1 is now able to use the mobile telephone M to establishcommunication with the subscription tied to the operator P2.

It is assumed in this example that the owner A1 enters the wrongsecurity code PIN4 in the mobile telephone M, after having placed thethird SIM-card SIM3 in the card space u. The mobile telephone M willthen read-in the erroneous security code PIN4 and compare it with theaforesaid security code PIN1 chosen by the owner A1. The comparisonshows that these codes do not match and the mobile telephone M willcontinue by comparing the SIM-identity s3 allocated to the thirdSIM-card SIM3 with the mobile identity m. Because the SIM-identity s3and27 the mobile identity m are not tied together by the mobiletelephone M, the comparison will show that the aforesaid relationshipbetween the SIM-identity s1 and the mobile identity m is invalid withrespect to the SIM-identity s3 and the mobile identity m. The mobiletelephone M then stores the SIM-identity s3 in its memory andautomatically dispatches the SIM-identity s3 and the mobile identity m.

The mobile telephone M uses the aforedescribed SMS-service to dispatchthe SIM-identity s3 and the mobile identity m on the control channelSDCCH. The SIM-identity s3 and the mobile identity m are sent on thecontrol channel SDCCH to the computer D_(F) in the service node F, viathe base station BS1 and the switching centre MSC.

The mobile telephone M continues to transmit the stored SIM-identity s3and the mobile identity m at regular intervals until it receives theresponse signal RES, as described above.

The computer D_(F) in the service node F receives and registers theSIM-identity s3 and the mobile identity m sent by the mobile telephoneM, and presents the same on the computer screen D_(S). The computerD_(F) then automatically sends a response signal RES to the mobiletelephone M, via the switching centre MSC and the base station BS1, inacknowledgement of the receipt of said identities. As in the earliercase, the SMS-service is used to send the SIM-identity s3 and the mobileidentity m on the control channel SDCCH.

The mobile telephone M ceases to send the SIM-identity s3 and the mobileidentity m upon receipt of the response signal RES and then erases thestored SIM-identity s3 from its memory.

When the service node F notices on the computer screen D_(S) that thecomputer has received the SIM-identity s3 and the mobile identity m, theservice node F runs a check on the owner A1 of the registered mobileidentity m. The service node F takes no further action when an error hasoccurred.

A further alternative to the aforedescribed example is one in which theowner A1 applies for the first SIM-card SIM1 from the operator P1 withthe intention of obtaining a subscription, as described above. As in theprevious case, the operator P1 stores the personal information A1-inforelating to the SIM-identity s1 in the database D1 and allocates thefirst SIM-card SIM1 the SIM-identity s1 in which the operatoridentification code P1-id is included.

The owner A1 places the first SIM-card SIM1 in the intended card space uand enters the security code PIN1' in response to a request from themobile telephone M. The mobile telephone M senses that the firstSIM-card SIM1 is in position in the card space u and reads-in theSIM-identity s1 of the first SIM-card SIM1 and the entered security codePIN1'.

The mobile telephone M compares the entered security code PIN1' with theaforementioned chosen and stored security code PIN1. The comparisonshows that these codes are identical and the mobile telephone M thenties the SIM-identity s1 with the mobile identity m and registers therelationship that prevails between the SIM-identity s1 and the mobileidentity m.

The owner A1 is now able to use the mobile telephone M for communicationon the subscription tied to the operator P1.

Assume that the owner A1 removes the first SIM-card SIM1 and then placesthe first SIM-card SIM1 in the intended card space u in the mobiletelephone M. The mobile telephone M then senses the presence of thefirst SIM-card SIM1 and reads-in the SIM-identity of the first SIM-cardSIM1 and asks for the chosen, stored security code PIN1 to be entered.

Assume that the owner A1 enters an erroneous security code PIN3. Themobile telephone M reads-in the entered security code PIN3 and comparesthis code with the chosen, stored security code PIN1. This comparisonshows that the entered security code PIN3 is erroneous. The mobiletelephone M then makes a comparison between the SIM-identity s1 and themobile identity m. This comparison shows that the aforesaid relationshipbetween the SIM-identity s1 and the mobile identity m is valid and nofurther procedures are carried out in the mobile telephone M.

The owner A1 is therewith able to use the mobile telephone M andcommunicate on the subscription tied to the first SIM-card SIM1.

The mobile telephone M will compare the SIM-identity s1 with the mobileidentity m, even in the case when the owner A1 neglects to enter thesecurity code PIN1 as requested by the mobile telephone in the previousexamples. The comparison shows that the aforesaid relationship betweenSIM-identity s1 and the mobile identity m to be valid, wherewith nofurther procedures are carried out in the mobile telephone M.

FIGS. 3a and 3b are flow charts which illustrate the inventive method asdescribed in the previous examples. The mobile identity m and thesecurity code PIN1 chosen by the telephone owner A1 are stored in themobile telephone M. The owner A1 has registered the mobile identity mwith the service node F, see above.

The method is commenced with the owner A1 placing the first SIM-cardSIM1 in the card space u intended in the mobile telephone M, step 101.The first SIM-card SIM1 entitles the user to subscription servicesprovided by the operator P1, and the SIM-identity s1 allocated to thefirst SIM-card SIM1 is tied to personal information A1-info related tothe owner A1, this information being stored in the database D1 of theoperator P1 as described above. The SIM-identity s1 includes theoperator identification code P1-id.

The mobile telephone M senses the presence of the first SIM-card SIM1 inthe card space u and reads-in the SIM-identity s1 belonging to the firstSIM-card SIM1 in step 103, and asks for the security code PIN1 to beentered.

The owner A1 enters the security code PIN1' in step 105, and the mobiletelephone M reads-in said code PIN1'. The mobile telephone M thencompares the entered security code PIN1' with the chosen, storedsecurity code PIN1 in step 107. The comparison shows that these codesare identical, in accordance with an alternative Y. In step 109, themobile telephone M ties the read-in SIM-identity s1 to the mobileidentity m and registers the relationship that prevails between theSIM-identity s1 and the mobile identity m.

An unauthorised user A2 takes the mobile telephone M and replaces thefirst SIM-card SIM1 with a second SIM-card SIM2 that entitles the userto the subscription services provided by the operator P2, and theSIM-identity s2 allocated to this second SIM-card SIM2 is tied topersonal information A2-info relating to the user A2 and thisinformation is stored in the database D2 of the operator P2. TheSIM-identity s2 includes the operator identification code P2-id.

In step 101, the user A2 places the second SIM-card SIM2 in the intendedcard space u in the mobile telephone M.

The mobile telephone M senses the presence of the second SIM-card SIM2in the card space u and, in step 103, reads-in the SIM-identity s2 andrequests the security code PIN1 chosen by the owner A1, in accordancewith the above.

In step 105, the user A2 enters the security code PIN2' and the mobiletelephone M reads-in the entered security code PIN2'. The mobiletelephone M then compares the entered security code PIN2' in step 107with the chosen, stored security code PIN1, this comparison showing amismatch in accordance with an alternative N.

In step 111, the mobile telephone compares the read-in SIM-identity s2with the mobile identity m, this comparison showing that theseidentities do not fulfil the above-mentioned tied relationship, inaccordance with alternative N. In step 112, the mobile telephone M thenstores the read-in SIM-identity s2 in the memory and transmits theread-in SIM-identity s2 and the mobile identity m in step 113. Themobile telephone M uses in this transmission the aforesaid SMS-serviceand transmits the SIM-identity s2 and the mobile identity m to thecomputer D_(F) in the service node F on the control channel SDCCH, viathe base station BS2 and the switching centre MSC.

According to a method step 117 in FIG. 3b, a check is run in the mobiletelephone M to ascertain whether or not a response signal RES has beenreceived from the service node F. This is referenced Cl in FIGS. 3a and3b. If no such response signal has been received, according toalternative N, the mobile telephone M continues in step 114 torepeatedly transmit the SIM-identity s2 and the mobile identity m storedin step 113 at regular time intervals, where each time interval has aduration of T-seconds. This is referenced C2 in FIGS. 3a and 3b.

In step 115, the computer D_(F) in the service node F receives andregisters the SIM-identity s2 and the mobile identity m sent by themobile telephone M and presents these identities on the computer screenD_(S). The computer D_(F) confirms receipt and registration of theSIM-identity s2 and the mobile identity m by sending a response signalRES to the mobile telephone M via the switching centre MSC and the basestation BS2, in step 116. As in the previous case, the SMS-service isused to dispatch the SIM-identity s2 and the mobile identity m on thecontrol channel SDCCH.

The mobile telephone M receives the response signal RES in accordancewith an alternative Y in step 117 and therewith ceases its periodictransmission of the SIM-identity s2 and the mobile identity m, wherewiththe mobile telephone M erases the stored SIM-identity s2 from its memoryin step 119.

The service node F then contacts the operator P2 identified by theidentification code P2-id in step 121, in accordance with theaforegoing. The service node F is supplied with user personalinformation A2-info from the operator database D2 by the operator P2,this information A2-info being tied to the SIM-identity s2 received inthe service node F. This personal information A2-info can be used by theservice node F to identify the user A2 of the mobile telephone M havingthe mobile identity m, in step 121.

In step 123, the service node F contacts the owner A1 tied to theregistered mobile identity m and checks whether a mistake has occurredor whether the owner A1 has had his mobile telephone M stolen, forinstance.

Since the owner A1 in this example has had his mobile telephone Mstolen, it is necessary for the service node to take the steps requiredin accordance with alternative Y in step 125. These measures are carriedout in step 127 and may involve the service node F using the personalinformation A2-info received from the operator P2 to trace the user A2of the mobile telephone M.

In the case when the owner A2 of the mobile telephone M in the previousexample is assumed to place in the mobile telephone M a third SIM-cardSIM3 that is not tied to the mobile identity m in step 101, and theowner A1 enters a wrong security code PIN3 in the mobile telephone M atthe same time in step 107, or refrains from entering the security codePIN1', the check carried out by the service node F with respect to theowner A1 in step 123 may result in the service node F refraining fromfurther action in accordance with an alternative N in step 125.

An alternative embodiment of the invention will now be described withreference to FIGS. 3a and 3b and to the previous example.

As described above, the owner A1 applies for a subscription withoperator P1 and therewith receives the first SIM-card SIMI having theallocated SIM-identity s1 that includes the identification code P1-id.In step 101, the owner A1 places the SIM-card SIM1 in the intended cardspace u in the mobile telephone M. According to the aforedescribedmethod, this results in the mobile telephone M tying the SIM-identity s1with the mobile identity m in step 109 and registering the relationshipthat prevails between the SIM-identity s1 and the mobile identity m.

It is assumed that the owner A1 removes the first SIM-card SIM1 from themobile telephone M and then places the first SIM-card SIM1 back into thecard space u in the mobile telephone M, in accordance with step 101. Themobile telephone M will therewith sense the presence of the firstSIM-card SIM1 in the card space u and, in step 103, read-in theSIM-identity s1 of the SIM-card SIM1 and present on the display arequest for the owner A1 to enter the aforesaid chosen, stored securitycode PIN1.

In step 105, the owner A1 is assumed to enter the wrong security codePIN3. The mobile telephone M reads-in the entered security code PIN3 andcompares this code with the chosen, stored security code PIN1. Thiscomparison shows that the security code PIN3 does not agree with thesecurity code PIN1, step 107. The mobile telephone M continues tocompare the read-in SIM-identity s1 with the mobile identity m, step111, wherein this comparison shows that the SIM-identity s1 and themobile identity m fulfil the relationship in the previous example,wherewith alternative Y is applied and no further measures are carriedout in the mobile telephone M.

The aforementioned signalling on control channel SDCCH will now bedescribed with reference to a signalling schema given in FIG. 4. Thevertical lines indicate events occurring in the mobile telephone M, thebase station BS2, the mobile services switching centre MSC and theservice node F in a time sequence, wherein the time is referenced t inthe Figure.

As described in the aforegoing, the owner A1 has in his possession themobile telephone M having the mobile identity m, which is registered inthe service node F. The owner A1 applies for the use of a subscriptionoffered by the operator P1, wherewith the owner A1 receives from theoperator P1 the first SIM-card SIM1 having the allotted SIM-identity s1,as described fully in the aforegoing. The SIM-identity s1 includes theoperator identification code P1-id.

The owner A1 then places the first SIM-card SIM1 in the card space u inthe mobile telephone M and then enters the security code PIN1 inresponse to a request made by the mobile telephone M, wherewith themobile telephone M ties the SIM-identity s1 of the first SIM-card SIM1to the mobile identity m.

The owner A1 is now able to use the mobile telephone M for communicationon the subscription tied to the operator P1.

It is now assumed that the unauthorised user A2 takes possession of themobile telephone M and that the owner A1 reports the loss to theoperator P1 and that the operator duly blocks the SIM-identity s1 of thefirst SIM-card SIM1 in the mobile telephone M. The unauthorised user A2is now unable to use the mobile telephone M with the first SIM-cardSIM1.

It is also assumed that the user A2 wishes to subscribe to the servicesoffered by the operator P2 and submits to the operator P2 an applicationfor a second SIM-card SIM2 that will entitle the user to use theservices afforded by operator P2. In the same way as that describedabove, the user A2 includes in his application the mobile identity mtogether with user personal information A2-info. The operator P2 storesthe user personal information A2-info in the database D2 and relatesthis information to the SIM-identity s2. The SIM-identity s2 is tied tothe second SIM-card SIM2 and the second SIM-card SIM2 is then deliveredto the user A2. The SIM-identity s2 includes the operator identificationcode P2-id.

It is assumed that the user A2 moves to a place in which he is shieldedradio-wise from the base station BS2, and that the user A2 places thesecond SIM-card SIM2 in the telephone card space u. The mobile telephoneM senses the presence of the second SIM-card SIM2 in the card space uand reads-in the SIM-identity s2 of the second SIM-card SIM2. The mobiletelephone M then displays a message requesting the aforesaid securitycode PIN1 to be entered. The user A2 then enters the code PIN2' in themobile telephone M.

The mobile telephone M reads-in the entered code PIN2' and compares thiscode with the chosen, stored security code PIN1, as in theaforedescribed cases. Since these codes do not match, the mobiletelephone M compares the SIM-identity s2 with the mobile identity m.This comparison shows that the aforesaid relationship between theSIM-identity s2 and the mobile identity m is not fulfilled. The mobiletelephone M therewith stores the SIM-identity s2 in its memory andautomatically sends the SIM-identity s2 and the mobile identity m on thecontrol channel SDCCH, as illustrated at point 401 in FIG. 4.

The mobile telephone M continues to send the aforesaid identities s2 andm at regular time intervals of T-seconds duration, as shown in theFigure, and awaits a response signal RES from the computer D_(F) in theservice node F.

The user A2 is assumed to move from the radio-wise screened place,wherewith the SIM-identity s2 and the mobile identity m that have beenrepeatedly transmitted by the mobile telephone M will finally reach thebase station BS2 at point 403. The mobile telephone M utilizes theaforedescribed SMS-service to transmit the SIM-identity s2 and themobile identity m on the control channel SDCCH to a point 405 in theFigure, via the base station BS2 and the switching centre MSC, where thecomputer D_(F) in the service node F receives and registers theSIM-identity s2 and the mobile identity m.

The SIM-identity s2 and the mobile identity m received and registered bythe computer D_(F) are shown on the screen D_(S). The computer D_(F)then sends the response signal RES to the mobile telephone M on thecontrol channel SDCCH at point 407 in the Figure, via the switchingcentre MSC and the base station BS2 in the aforedescribed manner.

The mobile telephone M receives the response signal RES at point 409,wherewith the mobile telephone ceases to transmit the SIM-identity s2and the mobile identity m and erases the stored SIM-identity s2 from itsmemory.

The service node F notices that the computer D_(F) has received theSIM-identity s2 and the mobile identity m and therewith reads from theoperator identification code P2-id included in the SIM-identity s2 theidentity of the operator P2 with which the SIM-identity s2 isregistered. The service node F then contacts the operator P2 andreceives from the operator P2 personal information A2-info taken fromthe database D2 tied to the SIM-identity s2 and to the user A2.

The service node F checks with the owner A1 tied to the registeredmobile identity m. Since the owner A1 has lost possession of his mobiletelephone M, the service node F uses the personal information A2-inforeceived from the operator P2 to trace the user A2 of the mobiletelephone M.

As an alternative to the mobile telephone M transmitting theSIM-identity s2 and the mobile identity m at regular time intervalsuntil the response signal RES is received, the mobile telephone M may beconstructed to transmit the SIM-identity s2 and the mobile identity m onthe control channel SDCCH each time the user A2 sets up a callconnection on the second SIM-card SIM2 via the mobile telephone M,without the user A2 being aware of this transmission. This procedure iscontinued until the mobile telephone M receives the response signal RES,at point 409 in accordance with the aforegoing. Other possibilities arealso feasible.

In a mobile telephone system other than the GSM system, services similarto the SMS-service may be used and channels other than the SDCCH channelmay be used to transmit said messages and signals between the mobiletelephone M and the service node F. Similarly, channels other than theSDCCH channel of the GSM system may be used.

The aforesaid SIM-identities s1, s2 and s3 are corresponded by the IMSIidentity (International Mobile Subscription Identity) in the GSM system,and the mobile identity m is corresponded by the IMEI identity(International Mobile Equipment Identity) in the GSM system. Mobiletelephone systems other than the GSM system use user cards withassociated user identities similar to the SIM-card.

It will be understood that the invention cannot be applied when the userA1 does not choose a security code PIN1 in the aforedescribed exampleswhen using the mobile telephone M for the first time.

I claim:
 1. A method of identifying the user of a mobile communicationsunit in a mobile communications system, wherein the unit has a terminalidentity and a security code that has been chosen by an authorized user,wherein said unit includes a card space for receiving a user card whichhas a user identity and is tied to an operator subscription, wherein oneof the user identities corresponding to an authorized user card islinked to the terminal identity, and wherein the method comprises thesteps of:placing the user card in the card space of the mobilecommunications unit; registering the user identity of the inserted usercard in the mobile communications unit; complying with a request made bythe mobile communications unit to enter said security code; comparing inthe mobile communications unit the requested security code with thechosen security code; making a comparison in the mobile communicationsunit between the registered user identity and the terminal identity whenthe requested security code does not agree with the chosen securitycode; storing the registered user identity in the mobile communicationsunit when the registered user identity and the terminal identity do notmatch one another; transmitting from the mobile communications unit thestored user identity and the terminal identity; and receiving theregistered, stored user identity and the terminal identity in a servicenode.
 2. A method according to claim 1, further comprising the stepsof:repeating the transmission from the mobile communications unit ofsaid stored user identity and said terminal identity; sending a responsesignal from the service node; receiving the response signal in themobile communications unit; and ceasing the transmission of the storeduser identity and the terminal identity from the mobile communicationsunit.
 3. A method according to claim 2, the registered user identity andthe terminal identity are transmitted repeatedly from the mobilecommunications unit at regular time intervals.
 4. A method according toclaim 1, in which the user having the terminal identity is registered inthe service node, further comprising the steps of:identifying theregistered authorized owner of the terminal identity in the servicenode; and localizing the user of the mobile communications unit in theservice node.
 5. A method according to claim 4, wherein the operatorpossesses a data storage device, further comprising the steps of:storingin said data storage device user information relating to the varioususers and tying said user information to the user identity of respectiveusers.
 6. A method according to claim 5, wherein said user informationrelating to respective users includes the name, address, telephonenumber and personal identification number of respective users.
 7. Amethod according to claim 5, wherein the mobile communications unit isin the possession of the user, and the registered user identity includesa unique identification identity that identifies the operator of thesubscription to which a respective user card is tied, whereinlocalization of the user of the mobile communications unit in theservice node comprises the steps of:identifying the operator in theservice node by reading the identification identity from the registereduser identity; reading the user information tied to the user identityregistered in the data storage device of the operator; transferring saiduser information from the operator to the service node; and identifyingthe user in the service node.
 8. A method according to claim 1, whereinlinking of the terminal identity of the mobile communications unit withthe user identity of the authorized user card produces a first result bycarrying out a predetermined operation between said terminal identityand said user identity, wherein the comparison carried out in the mobilecommunications unit between the registered user identity and theterminal identity includes the steps of:carrying out said predeterminedoperation on the registered user identity and the terminal identity andtherewith obtain a second result; and making a comparison between thefirst result and the second result.
 9. A method according to claim 8,wherein the registered user identity and the terminal identity match oneanother when the first result is identical to the second result.
 10. Amethod according to claim 1, wherein the comparison made in the mobilecommunications unit between the requested security code and the chosensecurity code comprises the steps of:writing the requested security codeinto the mobile communications unit; and determining in said unitwhether or not the requested security code is identical to the chosensecurity code.
 11. A method according to claim 1, wherein the servicenode is an insurance company or the operator tied to the authorized usercard.
 12. In a mobile communications system an arrangement foridentifying a user of a mobile communications unit with a terminalidentity and a security code chosen by an authorized user, wherein thearrangement includes a card space intended to receive a user card whichhas a user identity and which is tied to a subscription of an operator,wherein one of the user identities corresponding to an authorized usercard is linked to the terminal identity, and wherein the arrangementfurther includes:means for storing said terminal identity and saidchosen security code; means for registering the user identity of theuser card placed in said card space; means for requesting the insertionof the security code; means for displaying the security code insertionrequest; means for comparing the requested security code with the chosensecurity code; means for comparing the registered user identity with theterminal identity; means for storing the registered user identity; meansfor dispatching the stored user identity and the terminal identity fromthe mobile communications unit; means for registering in a service nodethe user entitled to the terminal identity; and means for receiving thedispatched registered user identity and the terminal identity.
 13. Anarrangement according to claim 12, further comprising:means for storingthe registered user identity and the terminal identity; means forsending a response signal; response signal receiving means; and meansfor localizing the user of the mobile communications unit.
 14. Anarrangement according to claim 13, wherein the operator has a datastorage device, wherein the data storage device is adapted to store userinformation related to the different users, and said user information istied to the user identity of respective users.
 15. An arrangementaccording to claim 14, wherein the service node includes means forreceiving from the operator user information tied to the registered useridentity.
 16. An arrangement according to claim 15, wherein the user hasthe mobile communications unit in his possession, and wherein said meansfor localizing the mobile communications unit in the service nodeincludes:operator identification means; and means for identifying theuser from the user information received from the operator.
 17. Anarrangement according to claim 13, wherein the device for storing theregistered user identity and the terminal identity in the service nodeincludes means for displaying the registered user identity and theterminal identity.
 18. An arrangement according to claim 12 wherein theuser identity is a SIM-code and the user card is a SIM-card in the GSMsystem.
 19. A system for identifying a user of a mobile communicationsunits comprising:a memory for storing a security code and a terminalidentity; a card space for accepting a user card; a first comparatorunit for comparing said security code to a user inputted security code;a second comparator unit for comparing said terminal identity with anidentity associated with said user card; and a transmitter, wherein ifsaid first comparator unit determines that said user inputted securitycode does not match said security code and said second comparator unitdetermines that said identity associated with said user card does notmatch said terminal identity then said transmitter transmits a messageto a service node.
 20. A system according to claim 19, wherein saidmessage comprises the terminal identity and the identity associated withsaid user card.
 21. A system according to claim 19, wherein said messageis transmitted until a response signal is received from said servicenode.
 22. A system according to claim 19, wherein a registeredauthorized owner of the terminal identity is identified in said servicenode and a user of the mobile communications unit is localized in theservice node.
 23. A system according to claim 19, wherein said servicenode stores user information which corresponds to said identityassociated with said user card, said user information includes a name,address, telephone number and personal identification number of a user.